202
edits
Difference between revisions of "SASL Authentication and SCRAM"
Jump to navigation
Jump to search
m
SASL Authentication and SCRAM (view source)
Revision as of 07:06, 16 August 2022
, 07:06, 16 August 2022no edit summary
m (Condense lots of individual sections with single links in them) |
Neustradamus (talk | contribs) m |
||
| Line 8: | Line 8: | ||
Its main benefits are in offering both a method to salt and hash the password in storage and in transit. This page aims to give a short introduction on how to implement it in a client. | Its main benefits are in offering both a method to salt and hash the password in storage and in transit. This page aims to give a short introduction on how to implement it in a client. | ||
With changes from TLS 1.2 to TLS 1.3, an | With changes from TLS 1.2 to TLS 1.3, an RFC has been done: [https://tools.ietf.org/html/rfc9266 RFC9266: Channel Bindings for TLS 1.3]. | ||
=== SCRAM-SHA-256(-PLUS) === | === SCRAM-SHA-256(-PLUS) === | ||
| Line 217: | Line 217: | ||
* [https://tools.ietf.org/html/rfc5056 RFC5056: On the Use of Channel Bindings to Secure Channels] | * [https://tools.ietf.org/html/rfc5056 RFC5056: On the Use of Channel Bindings to Secure Channels] | ||
* [https://tools.ietf.org/html/rfc5929 RFC5929: Channel Bindings for TLS] | * [https://tools.ietf.org/html/rfc5929 RFC5929: Channel Bindings for TLS] | ||
* [https://tools.ietf.org/html/rfc9266 RFC9266: Channel Bindings for TLS 1.3] | |||
* [https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml Channel-Binding Types] | * [https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml Channel-Binding Types] | ||
=== Other Related Protocols === | === Other Related Protocols === | ||
| Line 226: | Line 226: | ||
* [https://tools.ietf.org/html/rfc5803 RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets] | * [https://tools.ietf.org/html/rfc5803 RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets] | ||
* [https://tools.ietf.org/html/rfc7804 RFC7804: Salted Challenge Response HTTP Authentication Mechanism] | * [https://tools.ietf.org/html/rfc7804 RFC7804: Salted Challenge Response HTTP Authentication Mechanism] | ||
* [https://tools.ietf.org/html/draft- | * [https://tools.ietf.org/html/draft-ietf-kitten-scram-2fa Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: draft-ietf-kitten-scram-2fa] | ||
* [https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml Simple Authentication and Security Layer (SASL) Mechanisms] | * [https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml Simple Authentication and Security Layer (SASL) Mechanisms] | ||
* [https://github.com/scram-sasl/info/issues/1 SCRAM-SASL State of Play] | |||